Technical information
- [<HKLM>\System\CurrentControlSet\Services\Connection TPM HomeGroup Group Image Play] 'Start' = '00000002'
- [<HKLM>\System\CurrentControlSet\Services\Connection TPM HomeGroup Group Image Play] 'ImagePath' = 'C:\utntexju\mbloyxqfxkhi.exe'
- 'Connection TPM HomeGroup Group Image Play' C:\utntexju\mbloyxqfxkhi.exe
- %WINDIR%\utntexju\ytybmblf
- C:\utntexju\ytybmblf
- C:\utntexju\l63poivwkii2sauqxqu.exe
- C:\utntexju\mbloyxqfxkhi.exe
- C:\utntexju\dlsburyosn.exe
- 'C:\utntexju\l63poivwkii2sauqxqu.exe'
- 'C:\utntexju\mbloyxqfxkhi.exe'
- 'C:\utntexju\dlsburyosn.exe' "c:\utntexju\mbloyxqfxkhi.exe"